Leidos

Cyber Defence Analyst

Reposted 7 Hours Ago
In-Office
Farnborough, Rushmoor, Hampshire, England
Mid level
The Cyber Defence Analyst will maintain cyber security systems, perform threat detection, respond to incidents, and improve CSOC processes. They will work in collaboration with stakeholders to ensure effective cyber resilience and incident response.
The summary above was generated by AI

Cyber Defence Analyst

Location: Farnborough on a 12-hour, 4 days on, 4 days off day and night shift pattern

The Role:

Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, require a Cyber Defence Analyst to work in their CSOC (Cyber Security Operations Centre) Team. 

The Cyber Defence Analyst will be expected to contribute to the growth and development of the CSOC. You will work with a wide variety of stakeholders to ensure the Leidos CSOC, a Defensive Cyber Security capability, can support a customer’s Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service and mitigating their risk of Cyber Attack.

The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient transferable Cyber Security knowledge, qualifications, aptitude, and passion to quickly learn the Cyber Defence Analyst role. 

To succeed in the role the candidate must be capable of working under pressure, delivering on multiple customer accounts and have an appetite to progress and develop their own Cyber Security career.  The role will be working within the CSOC, adhering to a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager.

What will I be doing?

  • Maintain the integrity and security of Cyber Security systems and networks.
  • Support Cyber Security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
  • Use data collected from Cyber Defence tools (firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR), etc.) to analyse events that occur within the environments.
  • Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring (SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls.
  • Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can be exploited by adversaries impacting Confidentiality, Integrity and Availability which could lead to a Cyber Security Incident.
  • Inspection and correlation of logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC).
  • Continuously scan the Threat Horizon to report and classify Threats according to impact which could potentially damage a client’s network or solution.
  • Engage with various security communities to review and share knowledge on IOCs and Threats.
  • Follow and develop the Cyber Security Incident Response Process.
  • Follow and develop Playbooks.
  • Apply Cyber Security Incident Prioritisation Criteria to classify and rate Cyber Security Incidents.
  • Define and coordinate the application of countermeasures to mitigate Threats which can be used in action plans to respond to Cyber Security Incidents.
  • Ensure confidentiality and discretion are practised when dealing with multiple clients, to demonstrate professionalism and evidence that their information is not shared with others.
  • Run Vulnerability Assessment tools to measure compliance with security updates and security patches.
  • Member of a Team who are responsible for making multiple daily CSOC checks to detect and respond to suspicious activity or alerts.
  • Record concisely and in detail the events of a Cyber Security Incident and their own actions to deliver an effective handover during shift changes.
  • Strive to continuously improve CSOC processes and procedures.
  • Collaborate closely with stakeholders from other Technology stacks to contribute to the Cyber Security Incident Response.
  • As part of a team, perform tabletop scenarios and produce lessons learned.

What does Leidos need from me?

  • Experience of Sentinel, Microsoft XDR and Microsoft Defender variants, and Elastic Security, or displays aptitude to learn how to work with a SIEM.
  • Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence.
  • Experience of investigating Cyber Security incidents and supporting root cause analysis or can demonstrate transferable skills and acumen to learn and excel at it.
  • Understanding of the Confidentiality, Integrity, and Availability (CIA) triad.
  • Understanding of current trends for malware, ransomware and Advanced Persistent Threats affecting Cloud Platforms and On-Premises solutions.
  • Experience of working with the disciplines of a Change Controlled environment.
  • An understanding of the OSI 7 network layers.
  • An understanding of the TCP/IP network layers.
  • An understanding of network and boundary protection controls for both Cloud and On-Premises solutions including but not limited to Firewalls, Network Access Control Lists, Network Security Groups, DDoS Protection, VPNs, Mail Gateways, Web Proxies, Load Balancers including Web Application Firewalls, Intrusion Prevention Systems, and Intrusion Detection Systems.

Communication and Soft Skills

  • Good verbal and written communication skills required for hand overs, reports, and documenting events during a Cyber Security Incident.
  • Positive and initiative-taking attitude, a collaborator, works well in a team environment, open to taking feedback to learn, able to cope with team dynamics with differing viewpoints and can also work with minimal supervision.
  • Ability to build strong relationships with customers and internal stakeholders.
  • Ability to logically analyse a problem and identify a plan to fix or remediate.
  • Ability to track market trends and suppliers to keep at the forefront of Cyber Security Technology.
  • Ability to manage multiple streams of work, prioritising, and escalating, as necessary.
  • An initiative-taker who can see past obstacles driving a solution through to completion.
  • Agility and flexibility to cover shifts at short notice to ensure the CSOC can continue to protect its customers.

Desirable

  • Exposure to working on or within HMG classified systems or programs

Clearance Requirements:

  • Due to the nature of the work candidates must be British and non-dual national
  • Candidates will need to be eligible to hold DV clearance
  • Clearance to start role: SC

What we do for you:
At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.

We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:
  • Contributory Pension Scheme
  • Private Medical Insurance
  • 33 days Annual Leave (including public and privilege holidays)
  • Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
  • Flexi-Time Working

Commitment to Diversity:

We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture.  We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone.  If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.

Who We Are:

Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science.

Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services. Our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation.

What Makes Us Different:

Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Use your skills on the technology frontline to help build a safer world. You can inspire change.

Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team.  We have been empowering our people to work flexibly for years.  Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours.          

People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and career development plans that enhance your future.

Come break things (in a good way). Then build them smarter.

We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: £36,700.00-£45,900.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Top Skills

Cyber Security Incident Response
Cyber Threat Intelligence
EDR
Elastic Security
Firewalls
IDS
Microsoft Defender
Microsoft XDR
Sentinel
SIEM
Vulnerability Management
WAF
XDR
